Home • The Program • The Sessions • The Speakers • Downloads

____________________________________

The Sessions

Sarbanes Oxley and the Assessment of the Integrity of Financial Information Systems

David Handal, KPMG and Jai Cullath, KPMG

Section 404 of the Sarbanes-Oxley Act (SOA) of 2002 requires Company management to assess and report on the company's internal control and the company's independent, outside auditors to issue a management's assessment. This session will focus on what SOA requires and how those requirements are handled, what is the best way of fulfilling requirements internally; how the external assessments are conducted, what is being done from the point of auditing and control, especially in the context of Section 404.

Spreadsheets, XML, and Web Services Integrity: Considerations in a 404 Environment

Eric Cohen, PricewaterhouseCoopers

Did you hear about the $1.1 Billion dollar error that came from "honest mistakes made in a spreadsheet used in the implementation of a new accounting standard?" Such errors are more common than you think, and they are much more than minor inconveniences. They can have a very significant impact on the integrity of an entity’s financial information. Lack of controls over spreadsheets, has been a contributing factor in financial reporting errors at a number of companies. Such errors are regular front page news in the financial press. Emerging technologies like XML and Web Services in conjunction with spreadsheets can reduce some of the threats to financial information integrity, but introduce new challenges. Come learn about spreadsheet threats, and XML and Web services-leveraged solutions and challenges. The session will include discussions from the PwC whitepaper "The Use of Spreadsheets: Considerations for Section 404 of the Sarbanes-Oxley Act")

Securing and Assuring the Integrity of a Financial Information System

Tom Higginbotham, Microsoft Business Solutions

The integrity of a financial information system is assured when the proper internal controls are in place as well as best practices implemented for securing data. In many of the cases when financial information is located on servers and in databases, Microsoft technologies play an active role in the overall infrastructure and system design. The purpose of this session will be to share best practices to assure a secure financial information system environment. In addition, it will discuss Microsoft’s security commitment and technical strategy as well as share some of the tools that have already been developed to help customers in securing their systems.

Properly Obtaining and Securing Evidence in a Computer Crime Investigation

Amelia Phillips, Computer Forensics Consultant and Textbook author

Cyber crime is becoming more prevalent as this century progresses. Corporate embezzlement, malicious hackers, and unwary users place all companies at risk. In all instances, sooner or later the investigation will focus on a digital storage device whether it is a hard drive, zip drive, PDA, cell phone or thumb drive. Many investigations will result in disciplinary action or a law suit. It is imperative that proper procedures are followed during the investigation and that chain of evidence is preserved. This session explores how to approach the investigations along with some of the tools that are available to investigators to retrieve that digital evidence. It also touches on the “sleuthing” side of digital investigations.